Abstract

Cyber threats are a severe challenge in current communications networks. Several security measures have been introduced at different network layers to enhance security. One of the common network security solutions is intrusion detection and prevention systems, with more focus on detecting attacks. Various approaches are used in network threat detection, for instance signature-based and anomaly detection methods. The signature-based approach depends on a database of predefined attack signatures: in operation, the system compares the traffic against the signatures, and if a match occurs, an attack is identified. This approach cannot detect attacks that do not have a signature in the database. The anomaly detection approach uses various techniques to identify threats, for instance statistical and machine learning algorithms. Several machine learning algorithms have been used for network anomaly detection. A major common deficiency was poor accuracy, which has kept the approach from being industrially applicable. In this paper, we propose a framework for network anomaly detection. The proposed framework showed improvement in detection accuracy. The framework adopts semi-unsupervised algorithms for novelty detection to tackle the rapid development of cyber security attacks. The framework applies unsupervised deep learning in a more elegant manner, dramatically reducing the features from the first phase.